the answer to your question is: a. Are you trying to block Tor clients incoming from the internet?
how we try to solve it: --> exporting all exit notes at least twice a day to a list in the format 1.1.1.1 2.2.2.2 3.3.3.3 and so on. (IP-Adresses are for explanation only, not valid for this case)
after that, we create a lot of A Records for a host badclients.baddomain.local in sophos utm we created a dns-group for the baddomain.local (which exits on our dns server only) and used this object in the ruleset.
painpoint: i have no idea if the dns-group is updated regulary in the utm automaticaly. if yes, this is my solution, because the entrys of the dns-group object change from time to time
the answer to your question is: a. Are you trying to block Tor clients incoming from the internet?
how we try to solve it: --> exporting all exit notes at least twice a day to a list in the format 1.1.1.1 2.2.2.2 3.3.3.3 and so on. (IP-Adresses are for explanation only, not valid for this case)
after that, we create a lot of A Records for a host badclients.baddomain.local in sophos utm we created a dns-group for the baddomain.local (which exits on our dns server only) and used this object in the ruleset.
painpoint: i have no idea if the dns-group is updated regulary in the utm automaticaly. if yes, this is my solution, because the entrys of the dns-group object change from time to time
So there is no easy way to block tor?
I also tried different ways. All without success.
Application Control gives me a way to block Tor,
but when starting a Tor Browser it works.
Seems Application controll does not do its Job...
